ostree
Ansible
Our great sponsors
ostree | Ansible | |
---|---|---|
41 | 388 | |
1,172 | 61,068 | |
3.6% | 1.0% | |
9.5 | 9.8 | |
4 days ago | about 16 hours ago | |
C | Python | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ostree
-
NixOS Reproducible Builds: minimal ISO successfully independently rebuilt
Ansible makes mutable changes to the OS, task by task.
Nix is immutable. A new change is made entirely new, and only after the build is successful, all packages are "symlinked" to the current system.
Fedora Silverblue is based on ostree [1]. It works similarly like git, but on your root tree. But it requires you to reboot the whole system for the changes to take effect. Since Nix is just symlinked packages, you don't need to reboot the system.
More detailed explanation here [2].
[1]: https://github.com/ostreedev/ostree
[2]: https://dataswamp.org/~solene/2023-07-12-intro-to-immutable-...
- Can't install from flathub
- hello guys everytime i intall a flatpak on fedora this error always happnes how do i fix it
-
PSA: Flatpaks are currently broken on Fedora. Here's a temporary solution.
This one is for the ostree bug currently ongoing: https://github.com/ostreedev/ostree/issues/2900
-
flatpak issue on fedora 38 kde
This sounds related to the ostree bug.
- ostree-system-generator failed with exit status 1 on every boot after update.
-
What do you prefer more and why?
I definitely agree that immutability offers considerable value in regards to improving security. But arguably it's insufficient to pull the win over mutable Fedora due to the losses caused by the inability to install the kernel-hardened package and the lack of UKI (Unified Kernel Image) support.
-
Question about immutability
Other hardening guides mention a Unified Kernel Image as another measure to further improve security. Unfortunately, once more, this is (currently) not supported on Fedora Silverblue. I haven't seen it being done on openSUSE Aeon either. Though, once again, I'd love to be corrected!
-
Does an immutable system really provide enhanced security?
The fedora crew is working on it through ostree though, so both fedora Silverblue and flatpak will be getting it (as well as true immutability) in the future: https://github.com/ostreedev/ostree/issues/2867
-
Silverblue/ Kinoite - real-life shortcomings?
Aside from what has already been mentioned, Unified Kernel Image isn't supported (yet).
Ansible
-
Interesting Uses of Ansible's ternary filter
They support for-if from python, too: https://jinja.palletsprojects.com/en/3.1.x/templates/#loop-f... but I haven't tried the "recursive" keyword to know if ansible supports that. I say "ansible supports that" because they don't just drop jinja2 into ansible and call it a draw, they have a bunch of custom execution integrations: https://github.com/ansible/ansible/blob/v2.16.3/lib/ansible/...
-
The 2024 Web Hosting Report
To manage a VM, you can use something as simple as just manual actions over SSH, or can use tools like Ansible, Hashicorp's Packer and Terraform or other automations. For an app where there is minimal load and security/reliability concern, VMs are still a great option that provide a lot of value for the buck
-
A Journey to Find an Ultimate Development Environment
In this article's context, it is simply a tool that provides a declarative way to automate your machine/OS to configure the development machine as you want (install package, modify the configuration, etc). Examples of these tools are Ansible, Puppet, etc.
-
The Director of "Toy Story" Also Drew the BSD Daemon Logo
Now we're getting more tangential, but for years, Ansible releases were named for Van Halen songs (see old Changelog here: https://github.com/ansible/ansible/blob/v1.8.4/CHANGELOG.md)
-
Running stateful workloads on Kubernetes with Rook Ceph
In the lab to follow, we'll quickly provision a 3-node kubeadm cluster (1 master, 2 workers) on the cloud provider of your choice using an automation stack comprised of OpenTofu and Ansible, then deploy Rook Ceph using the official Helm charts and confirm that we are now able to successfully create CSI volume snapshots from PVCs by reusing the MinIO example from our last article.
- Looking for a way to remote in to K's of raspberry pi's...
- ansible builder collections path
-
The Bullhorn #119 (Ansible Newsletter)
Ansible-Core ↗
-
How to perform this when statement (invalid YAML)
The lookup works fine when parsed as say a msg and braced in "{{ }}" but we're told not to use jinja delimiters in when statements (no idea on the whys to that to be honest) - The issue lies around the first ": " and yaml sees that everything preceding this being a mapping... I have tried all manner of fixes described in YAML syntax error when string contains a colon + space · Issue #2769 · ansible/ansible (github.com) but no dice... the error is a variety of 'The error was: template error while templating string' type errors depending on what attempted fix I'm applying..
-
uyuni – open-source configuration and infrastructure management
IBM -> RedHat -> Ansible (https://docs.ansible.com/platform.html)
I think the new ansible docs are opaque, and the new "everything is an ansible collection" scheme makes troubleshooting any issues reported by users hundreds of times harder than "the old days"
I keep this (https://github.com/ansible-community/ansible-build-data/blob...) bookmarked because it's the only way to match up what "ansible 8.1.0" (https://pypi.org/project/ansible/8.1.0/) even means since it for damn sure not any of this: https://github.com/ansible/ansible/releases (they used to have a 'release' pinned on that releases tab saying "these are not the droids you are looking for"). I believe I tried asking for them to update the completely erroneous pypi "source code" link to point to that repo and ... well, one can see how well that turned out
What are some alternatives?
rpm-ostree - ⚛📦 Hybrid image/package system with atomic upgrades and package layering
Cloud-Init - unofficial mirror of Ubuntu's cloud-init
apt2ostree - Build ostree images based on Debian/Ubuntu
pyinfra - pyinfra automates infrastructure using Python. It’s fast and scales from one server to thousands. Great for ad-hoc command execution, service deployment, configuration management and more.
bubblewrap - Low-level unprivileged sandboxing tool used by Flatpak and similar projects
Home Manager using Nix - Manage a user environment using Nix [maintainer=@rycee]
flatpak - Linux application sandboxing and distribution framework
Fabric - Simple, Pythonic remote execution and deployment.
waydroid - Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.
cloudinit - Official upstream for the cloud-init: cloud instance initialization
mkosi - 💽 Build Bespoke OS Images
Pulumi - Pulumi - Infrastructure as Code in any programming language. Build infrastructure intuitively on any cloud using familiar languages 🚀